Skip to Main content Skip to Navigation
Conference papers

Assembling Metadata for Database Forensics

Abstract : Since information is often a primary target in a computer crime, organizations that store their information in database management systems (DBMSs) must develop a capability to perform database forensics. This paper describes a database forensic method that transforms a DBMS into the required state for a database forensic investigation. The method segments a DBMS into four abstract layers that separate the various levels of DBMS metadata and data. A forensic investigator can then analyze each layer for evidence of malicious activity. Tests performed on a compromised PostgreSQL DBMS demonstrate that the segmentation method provides a means for extracting the compromised DBMS components.
Document type :
Conference papers
Complete list of metadata

Cited literature [10 references]  Display  Hide  Download
Contributor : Hal Ifip <>
Submitted on : Thursday, July 27, 2017 - 8:22:33 AM
Last modification on : Sunday, November 22, 2020 - 12:52:02 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Hector Beyers, Martin Olivier, Gerhard Hancke. Assembling Metadata for Database Forensics. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. pp.89-99, ⟨10.1007/978-3-642-24212-0_7⟩. ⟨hal-01569562⟩



Record views


Files downloads